WyAtu

8 exploits Active since Nov 2018
CVE-2018-20250 NOMISEC HIGH WORKING POC
WinRAR <= 5.61 - Path Traversal and Remote Code Execution via ACE Filename Field
In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.
495 stars
CVSS 7.8
CVE-2018-8581 NOMISEC HIGH WORKING POC
Microsoft Exchange Server - Privilege Escalation
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
332 stars
CVSS 7.4
CVE-2018-4407 NOMISEC HIGH WORKING POC
iPhone OS < 12.0 - Memory Corruption via ICMP Error Handling
A memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.
13 stars
CVSS 8.8
CVE-2018-8581 NOMISEC HIGH WORKING POC
Microsoft Exchange Server - Privilege Escalation
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
5 stars
CVSS 7.4
CVE-2018-20250 NOMISEC HIGH WORKING POC
WinRAR <= 5.61 - Path Traversal and Remote Code Execution via ACE Filename Field
In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.
CVSS 7.8
CVE-2021-42321 PATCHAPALOOZA HIGH WORKING POC
Microsoft Exchange Server - Remote Code Execution
Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS 8.8
CVE-2018-8581 PATCHAPALOOZA HIGH WORKING POC
Microsoft Exchange Server - Privilege Escalation
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
CVSS 7.4
CVE-2018-20250 EXPLOITDB HIGH python WORKING POC
WinRAR <= 5.61 - Path Traversal and Remote Code Execution via ACE Filename Field
In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.
CVSS 7.8